mapping model

jperm/models.py

@@ -1,8 +1,8 @@
 import datetime
 
 from django.db import models
-from juser.models import User, UserGroup
 from jasset.models import Asset, AssetGroup
+from juser.models  import User, UserGroup
 
 
 class PermLog(models.Model):
@@ -19,3 +19,27 @@ class SysUser(models.Model):
     comment = models.CharField(max_length=100, null=True, blank=True, default='')
 
 
+class PermRole(models.Model):
+    name = models.CharField(max_length=100)
+    comment = models.CharField(max_length=100)
+
+
+class UserMapping(models.Model):
+    role = models.ForeignKey(PermRole, related_name='user_mapping')
+    user = models.ForeignKey(User, related_name='user_mapping')
+    asset = models.ForeignKey(Asset, related_name='user_mapping')
+    asset_group = models.ForeignKey(AssetGroup, related_name='user_mapping', null=True, blank=True)
+
+
+class GroupMapping(models.Model):
+    role = models.ForeignKey(PermRole, related_name='group_mapping')
+    usergroup = models.ForeignKey(UserGroup, related_name='group_mapping', null=True, blank=True)
+    asset = models.ForeignKey(Asset, related_name='group_mapping')
+    asset_group = models.ForeignKey(AssetGroup, related_name='group_mapping', null=True, blank=True)
+
+
+
+
+
+
+

jperm/playbooks/add_init_users/add_users.yml

@@ -0,0 +1,12 @@
+---
+
+- hosts: 'add_users_group'
+  gather_facts: no
+  tasks:
+    - name: add SA user
+      command: uname -a
+
+
+
+
+

jperm/playbooks/test.yml

@@ -0,0 +1,9 @@
+---
+
+- hosts: test
+  gather_facts: no
+  tasks:
+    - name: just for test
+      command: uname -a
+
+

jperm/urls.py

@@ -4,6 +4,7 @@ from jperm.views import *
 urlpatterns = patterns('jperm.views',
                        (r'^user/$', perm_user_list),
                        (r'^perm_user_edit/$', perm_user_edit),
+                       (r'^perm_user_detail/$', perm_user_detail),
                        (r'^group/$', perm_group_list),
                        (r'^perm_group_edit/$', perm_group_edit),
                        (r'^log/$', log),

jperm/utils.py

@@ -0,0 +1,36 @@
+# -*- coding: utf-8 -*-
+
+import random
+
+def get_rand_pass():
+    """
+    get a reandom password.
+    """
+    lower = [chr(i) for i in range(97,123)]
+    upper = [chr(i).upper() for i in range(97,123)]
+    digit = [str(i) for i in range(10)]
+    password_pool = []
+    password_pool.extend(lower)
+    password_pool.extend(upper)
+    password_pool.extend(digit)
+    pass_list = [random.choice(password_pool) for i in range(1,14)]
+    pass_list.insert(random.choice(range(1,14)), '@')
+    pass_list.insert(random.choice(range(1,14)), random.choice(digit))
+    password = ''.join(pass_list)
+    return password
+
+def updates_dict(*args):
+    """
+    surport update multi dict
+    """
+    result = {}
+    for d in args:
+        result.update(d)
+    return result
+
+
+
+if __name__ == "__main__":
+    pass
+
+

jperm/views.py

@@ -9,7 +9,12 @@ from jperm.models import SysUser
 from juser.user_api import gen_ssh_key
 
 
-from django.shortcuts import render_to_response
+from juser.models     import User
+from jasset.models    import Asset, AssetGroup
+
+from jperm.utils      import updates_dict
+
+from jumpserver.api   import my_render, get_object
 
 
 @require_role('admin')
@@ -22,8 +27,8 @@ def perm_user_list(request):
         2. include 部分：{% include 'nav_cat_bar.html' %}
              rander_nav 为渲染数据
     """
-    render_data = {}
     data_nav = {"header_title": "用户授权", "path1": "授权管理", "path2": "用户授权"}
+
     # 获取所有用户
     users_list = User.objects.all()
     
@@ -32,39 +37,72 @@ def perm_user_list(request):
     if keyword:
         users_list = users_list.filter(Q(name=keyword) | Q(username=keyword))
     users_list, p, users, page_range, current_page, show_first, show_end = pages(users_list, request)
-
     data_content = {"users": users}
-    for data in [data_nav, data_content]:
-        render_data.update(data)
-        
-    return render_to_response('jperm/perm_user_list.html', render_data)
 
+    render_data = updates_dict(data_nav, data_content)
+        
+    return my_render('jperm/perm_user_list.html', render_data, request)
+
+
+@require_role('admin')
+def perm_user_detail(request):
+    """
+    用户详情视图：
+      该视图的模板包含2部分：
+        1. block   部分：{% block content %}
+             rander_content 为渲染数据
+        2. include 部分：{% include 'nav_cat_bar.html' %}
+             rander_nav 为渲染数据
+    """
+    data_nav = {"header_title": "用户授权", "path1": "授权管理", "path2": "用户详情"}
+
+    # 待实现
+    render_data = updates_dict(data_nav)
+
+    return my_render('jperm/perm_user_detail.html', render_data, request)
+    
 
 @require_role('admin')
 def perm_user_edit(request):
     """
     TODO:
     """
-    header_title, path1, path2 = '用户授权', '授权管理', '授权更改'
+    data_nav = {"header_title": "用户授权", "path1": "授权管理", "path2": "授权更改"}
+
+    # 获取user对象
     user_id = request.GET.get('id', '')
     user = get_object(User, id=user_id)
-    asset_all = Asset.objects.all()  # 获取所有资产
-    asset_group_all = AssetGroup.objects.all()  # 获取所有资产组
-    asset_permed = user.asset.all()  # 获取授权的资产对象列表
-    asset_group_permed = user.asset_group.all() # 获取授权的资产组对象列表
+
+    # 获取所有 资产 和 资产组
+    asset_all = Asset.objects.all()
+    asset_group_all = AssetGroup.objects.all()
+
+    # 获取授权的 资产对象列表 和 资产组对象列表
+    asset_permed = user.asset.all()
+    asset_group_permed = user.asset_group.all()
+
+    # 获取未授权的 资产对象列表 和 资产组对象列表
     if request.method == 'GET' and user:
-        assets = [asset for asset in asset_all if asset not in asset_permed]  # 获取没有授权的资产对象列表
-        asset_groups = [asset_group for asset_group in asset_group_all if asset_group not in asset_group_permed]  # 同理
-        return my_render('jperm/perm_user_edit.html', locals(), request)
+        assets = [asset for asset in asset_all if asset not in asset_permed]
+        asset_groups = [asset_group for asset_group in asset_group_all if asset_group not in asset_group_permed]
+        data_content = {"assets": assets, "asset_groups": asset_groups, "user": user}
+
+        render_data = updates_dict(data_nav, data_content)        
+        return my_render('jperm/perm_user_edit.html', render_data, request)
+
     elif request.method == 'POST' and user:
-        asset_id_select = request.POST.getlist('asset_select', [])  # 获取选择的资产id列表
-        asset_group_id_select = request.POST.getlist('asset_groups_select', [])  # 获取选择的资产组id列表
+        # 获取选择的资产列表 和 资产组列表
+        asset_id_select = request.POST.getlist('asset_select', [])
+        asset_group_id_select = request.POST.getlist('asset_groups_select', [])
         asset_select = get_object_list(Asset, asset_id_select)
         asset_group_select = get_object_list(AssetGroup, asset_group_id_select)
-        asset_new = list(set(asset_select) - set(asset_permed))  # 计算的得到新授权的资产对象列表
-        asset_del = list(set(asset_permed) - set(asset_select))  # 计算得到回收权限的资产对象列表
-        asset_group_new = list(set(asset_group_select) - set(asset_group_permed))  # 新授权的资产组对象列表
-        asset_group_del = list(set(asset_group_permed) - set(asset_group_select))  # 回收的资产组对象列表
+
+        # 新授权的资产对象列表, 回收权限的资产对象列表, 新授权的资产组对象列表, 回收的资产组对象列表
+        asset_new = list(set(asset_select) - set(asset_permed))
+        asset_del = list(set(asset_permed) - set(asset_select))
+        asset_group_new = list(set(asset_group_select) - set(asset_group_permed))
+        asset_group_del = list(set(asset_group_permed) - set(asset_group_select))
+
         for asset_group in asset_group_new:
             asset_new.extend(asset_group.asset_set.all())
         for asset_group in asset_group_del:

jumpserver/tasks.py

@@ -1,4 +1,4 @@
-# coding: utf-8
+# -*- coding: utf-8 -*-
 
 from ansible.playbook import PlayBook
 from ansible import callbacks, utils
@@ -44,4 +44,5 @@ def playbook_run(inventory, playbook, default_user=None, default_port=None, defa
         else:
             results_r['success'].append(hostname)
             print "%s >>> Success" % hostname
-    return results_r
+    return results_r
+

juser/models.py

@@ -2,7 +2,6 @@
 
 from django.db import models
 
-from jasset.models import Asset, AssetGroup
 
 
 class UserGroup(models.Model):
@@ -10,8 +9,8 @@ class UserGroup(models.Model):
     # assets = models.TextField(max_length=1000, verbose_name="Assets", default='')
     # asset_groups = models.CharField(max_length=1000, verbose_name="Asset Groups", default='')
     comment = models.CharField(max_length=160, blank=True, null=True)
-    asset = models.ManyToManyField(Asset)
-    asset_group = models.ManyToManyField(AssetGroup)
+    #asset = models.ManyToManyField(Asset)
+    #asset_group = models.ManyToManyField(AssetGroup)
 
     def __unicode__(self):
         return self.name
@@ -42,8 +41,7 @@ class User(models.Model):
     is_active = models.BooleanField(default=True)
     last_login = models.DateTimeField(null=True)
     date_joined = models.DateTimeField(null=True)
-    asset = models.ManyToManyField(Asset)
-    asset_group = models.ManyToManyField(AssetGroup)
+
 
     def __unicode__(self):
         return self.username

templates/jperm/perm_user_detail.html

@@ -0,0 +1,30 @@
+{% extends 'base.html' %}
+{% load mytags %}
+{% block content %}
+{% include 'nav_cat_bar.html' %}
+
+<div class="wrapper wrapper-content animated fadeInRight">
+    <div class="row">
+        <div class="col-lg-10">
+            <div class="ibox float-e-margins">
+                <div class="ibox-title">
+                    <h5> 还未实现...</h5>
+                    <div class="ibox-tools">
+                        <a class="collapse-link">
+                            <i class="fa fa-chevron-up"></i>
+                        </a>
+                        <a class="dropdown-toggle" data-toggle="dropdown" href="#">
+                            <i class="fa fa-wrench"></i>
+                        </a>
+                        <a class="close-link">
+                            <i class="fa fa-times"></i>
+                        </a>
+                    </div>
+                </div>
+                
+            </div>
+        </div>
+    </div>
+</div>
+
+{% endblock %}

templates/jperm/perm_user_list.html

@@ -78,4 +78,4 @@
     </div>
 </div>
 
-{% endblock %}
+{% endblock %}